Add all the source files from the old CVS tree,

add the 5 missing chapters from the HOWTO
and add jht's Samba by Example book.
(This used to be commit 9fb5bcb93e57c5162b3ee6f9c7d777dc0269d100)

27 files changed, 557 insertions, 0 deletions

diff --git a/docs/smbdotconf/protocol/announceas.xml b/docs/smbdotconf/protocol/announceas.xml
new file mode 100644
index 0000000000..f541fca986
--- /dev/null
+++ b/docs/smbdotconf/protocol/announceas.xml
@@ -0,0 +1,21 @@
+<samba:parameter name="announce as"
+                 context="G"
+				 type="string"
+                 developer="1"
+                 xmlns:samba="http://samba.org/common">
+<description>
+    <para>This specifies what type of server <citerefentry><refentrytitle>nmbd</refentrytitle>
+    <manvolnum>8</manvolnum></citerefentry> will announce itself as, to a network neighborhood browse 
+    list. By default this is set to Windows NT. The valid options 
+    are : &quot;NT Server&quot; (which can also be written as &quot;NT&quot;), 
+    &quot;NT Workstation&quot;, &quot;Win95&quot; or &quot;WfW&quot; meaning Windows NT Server, 
+    Windows NT Workstation, Windows 95 and Windows for Workgroups 
+    respectively. Do not change this parameter unless you have a 
+    specific need to stop Samba appearing as an NT server as this 
+    may prevent Samba servers from participating as browser servers 
+	correctly.</para>
+</description>
+
+<value type="default">NT Server</value>
+<value type="example">Win95</value>
+</samba:parameter>
diff --git a/docs/smbdotconf/protocol/announceversion.xml b/docs/smbdotconf/protocol/announceversion.xml
new file mode 100644
index 0000000000..060fb983e1
--- /dev/null
+++ b/docs/smbdotconf/protocol/announceversion.xml
@@ -0,0 +1,14 @@
+<samba:parameter name="announce version"
+                 context="G"
+                 developer="1"
+				 type="string"
+                 xmlns:samba="http://samba.org/common">
+<description>
+    <para>This specifies the major and minor version numbers 
+    that nmbd will use when announcing itself as a server. The default 
+    is 4.9.  Do not change this parameter unless you have a specific 
+	need to set a Samba server to be a downlevel server.</para>
+</description>
+<value type="default">4.9</value>
+<value type="example">2.0</value>
+</samba:parameter>
diff --git a/docs/smbdotconf/protocol/clientusespnego.xml b/docs/smbdotconf/protocol/clientusespnego.xml
new file mode 100644
index 0000000000..96957c6642
--- /dev/null
+++ b/docs/smbdotconf/protocol/clientusespnego.xml
@@ -0,0 +1,17 @@
+<samba:parameter name="client use spnego"
+                 context="G"
+				 type="boolean"
+                 developer="1"
+                 xmlns:samba="http://samba.org/common">
+<description>
+    <para> This variable controls whether samba clients will try 
+    to use Simple and Protected NEGOciation (as specified by rfc2478) with 
+    WindowsXP and Windows2000 servers to agree upon an authentication mechanism. 
+	SPNEGO client support for SMB Signing is currently broken, so 
+	you might want to turn this option off when operating with  
+	Windows 2003 domain controllers in particular.
+</para>
+</description>
+
+<value type="default">yes</value>
+</samba:parameter>
diff --git a/docs/smbdotconf/protocol/disablenetbios.xml b/docs/smbdotconf/protocol/disablenetbios.xml
new file mode 100644
index 0000000000..d0a84c5d3e
--- /dev/null
+++ b/docs/smbdotconf/protocol/disablenetbios.xml
@@ -0,0 +1,16 @@
+<samba:parameter name="disable netbios"
+                 context="G"
+				 type="boolean"
+                 advanced="1" developer="1"
+                 xmlns:samba="http://samba.org/common">
+<description>
+    <para>Enabling this parameter will disable netbios support
+    in Samba. Netbios is the only available form of browsing in 
+    all windows versions except for 2000 and XP. </para>
+
+    <note><para>Clients that only support netbios won't be able to 
+    see your samba server when netbios support is disabled.
+	</para></note>
+</description>
+<value type="default">no</value>
+</samba:parameter>
diff --git a/docs/smbdotconf/protocol/easupport.xml b/docs/smbdotconf/protocol/easupport.xml
new file mode 100644
index 0000000000..b64130b620
--- /dev/null
+++ b/docs/smbdotconf/protocol/easupport.xml
@@ -0,0 +1,15 @@
+<samba:parameter name="ea support"
+                 context="S"
+				 type="boolean"
+                 advanced="1" developer="1"
+                 xmlns:samba="http://samba.org/common">
+<description>
+    <para>This boolean parameter controls whether <citerefentry><refentrytitle>smbd</refentrytitle>                                       
+    <manvolnum>8</manvolnum></citerefentry> will allow clients to attempt to store OS/2 style Extended
+    attributes on a share. In order to enable this parameter the underlying filesystem exported by
+    the share must support extended attributes (such as provided on XFS and EXT3 on Linux, with the
+    correct kernel patches). On Linux the filesystem must have been mounted with the mount option user_xattr.</para>
+</description>
+
+<value type="default">no</value>
+</samba:parameter>
diff --git a/docs/smbdotconf/protocol/largereadwrite.xml b/docs/smbdotconf/protocol/largereadwrite.xml
new file mode 100644
index 0000000000..fce02296d6
--- /dev/null
+++ b/docs/smbdotconf/protocol/largereadwrite.xml
@@ -0,0 +1,18 @@
+<samba:parameter name="large readwrite"
+                 context="G"
+				 type="boolean"
+                 developer="1"
+                 xmlns:samba="http://samba.org/common">
+<description>
+    <para>This parameter determines whether or not
+    <citerefentry><refentrytitle>smbd</refentrytitle>
+    <manvolnum>8</manvolnum></citerefentry> supports the new 64k
+    streaming read and write varient SMB requests introduced with
+    Windows 2000. Note that due to Windows 2000 client redirector bugs
+    this requires Samba to be running on a 64-bit capable operating
+    system such as IRIX, Solaris or a Linux 2.4 kernel. Can improve
+    performance by 10% with Windows 2000 clients. Defaults to on. Not as
+	tested as some other Samba code paths.</para>
+</description>
+<value type="default">yes</value>
+</samba:parameter>
diff --git a/docs/smbdotconf/protocol/mapaclinherit.xml b/docs/smbdotconf/protocol/mapaclinherit.xml
new file mode 100644
index 0000000000..60df0a7423
--- /dev/null
+++ b/docs/smbdotconf/protocol/mapaclinherit.xml
@@ -0,0 +1,17 @@
+<samba:parameter name="map acl inherit"
+                 context="S"
+				 type="boolean"
+                 advanced="1" wizard="1"
+                 xmlns:samba="http://samba.org/common">
+<description>
+    <para>This boolean parameter controls whether <citerefentry><refentrytitle>smbd</refentrytitle>                                       
+    <manvolnum>8</manvolnum></citerefentry> will attempt to map the 'inherit' and 'protected'
+    access control entry flags stored in Windows ACLs into an extended attribute
+    called user.SAMBA_PAI. This parameter only takes effect if Samba is being run
+    on a platform that supports extended attributes (Linux and IRIX so far) and
+    allows the Windows 2000 ACL editor to correctly use inheritance with the Samba
+    POSIX ACL mapping code.
+    </para>
+</description>
+<value type="default">no</value>
+</samba:parameter>
diff --git a/docs/smbdotconf/protocol/maxmux.xml b/docs/smbdotconf/protocol/maxmux.xml
new file mode 100644
index 0000000000..c9ca8b71e9
--- /dev/null
+++ b/docs/smbdotconf/protocol/maxmux.xml
@@ -0,0 +1,13 @@
+<samba:parameter name="max mux"
+                 context="G"
+                 advanced="1" developer="1"
+				 type="integer"
+                 xmlns:samba="http://samba.org/common">
+<description>
+    <para>This option controls the maximum number of 
+    outstanding simultaneous SMB operations that Samba tells the client 
+	it will allow. You should never need to set this parameter.</para>
+</description>
+
+<value type="default">50</value>
+</samba:parameter>
diff --git a/docs/smbdotconf/protocol/maxprotocol.xml b/docs/smbdotconf/protocol/maxprotocol.xml
new file mode 100644
index 0000000000..8c34451541
--- /dev/null
+++ b/docs/smbdotconf/protocol/maxprotocol.xml
@@ -0,0 +1,48 @@
+<samba:parameter name="max protocol"
+                 context="G"
+				 type="enum"
+                 developer="1"
+                 xmlns:samba="http://samba.org/common">
+<description>
+    <para>The value of the parameter (a string) is the highest 
+    protocol level that will be supported by the server.</para>
+
+    <para>Possible values are :</para>
+    <itemizedlist>
+	<listitem>
+	    <para><constant>CORE</constant>: Earliest version. No 
+	    concept of user names.</para>
+	</listitem>
+			
+	<listitem>
+	    <para><constant>COREPLUS</constant>: Slight improvements on 
+	    CORE for efficiency.</para>
+	</listitem>
+
+	<listitem>
+	    <para><constant>LANMAN1</constant>: First <emphasis>
+	    modern</emphasis> version of the protocol. Long filename
+	    support.</para>
+	</listitem>
+
+	<listitem>
+	    <para><constant>LANMAN2</constant>: Updates to Lanman1 protocol.</para>
+	</listitem>
+
+	<listitem>
+	    <para><constant>NT1</constant>: Current up to date version of the protocol. 
+	    Used by Windows NT. Known as CIFS.</para>
+	</listitem>
+    </itemizedlist>
+
+    <para>Normally this option should not be set as the automatic 
+    negotiation phase in the SMB protocol takes care of choosing 
+	the appropriate protocol.</para>
+</description>
+
+<related>min protocol</related>
+<synonym>protocol</synonym>
+
+<value type="default">NT1</value>
+<value type="example">LANMAN1</value>
+</samba:parameter>
diff --git a/docs/smbdotconf/protocol/maxttl.xml b/docs/smbdotconf/protocol/maxttl.xml
new file mode 100644
index 0000000000..347a50b106
--- /dev/null
+++ b/docs/smbdotconf/protocol/maxttl.xml
@@ -0,0 +1,14 @@
+<samba:parameter name="max ttl"
+                 context="G"
+				 type="integer"
+                 advanced="1" developer="1"
+                 xmlns:samba="http://samba.org/common">
+<description>
+    <para>This option tells <citerefentry><refentrytitle>nmbd</refentrytitle>
+    <manvolnum>8</manvolnum></citerefentry> what the default 'time to live' 
+    of NetBIOS names should be (in seconds) when <command moreinfo="none">nmbd</command> is 
+    requesting a name using either a broadcast packet or from a WINS server. You should 
+	never need to change this parameter. The default is 3 days.</para>
+</description>
+<value type="default">259200</value>
+</samba:parameter>
diff --git a/docs/smbdotconf/protocol/maxwinsttl.xml b/docs/smbdotconf/protocol/maxwinsttl.xml
new file mode 100644
index 0000000000..ce6b5b5863
--- /dev/null
+++ b/docs/smbdotconf/protocol/maxwinsttl.xml
@@ -0,0 +1,17 @@
+<samba:parameter name="max wins ttl"
+				 type="integer"
+                 context="G"
+                 advanced="1" developer="1"
+                 xmlns:samba="http://samba.org/common">
+<description>
+    <para>This option tells <citerefentry><refentrytitle>smbd</refentrytitle>
+    <manvolnum>8</manvolnum></citerefentry> when acting as a WINS server (<link linkend="WINSSUPPORT">
+    <parameter moreinfo="none">wins support = yes</parameter></link>) what the maximum
+    'time to live' of NetBIOS names that <command moreinfo="none">nmbd</command> 
+    will grant will be (in seconds). You should never need to change this
+	parameter.  The default is 6 days (518400 seconds).</para>
+</description>
+
+<related>min wins ttl</related>
+<value type="default">518400</value>
+</samba:parameter>
diff --git a/docs/smbdotconf/protocol/maxxmit.xml b/docs/smbdotconf/protocol/maxxmit.xml
new file mode 100644
index 0000000000..e7a3cdb76a
--- /dev/null
+++ b/docs/smbdotconf/protocol/maxxmit.xml
@@ -0,0 +1,16 @@
+<samba:parameter name="max xmit"
+                 context="G"
+				 type="integer"
+                 advanced="1" developer="1"
+                 xmlns:samba="http://samba.org/common">
+<description>
+    <para>This option controls the maximum packet size 
+    that will be negotiated by Samba. The default is 65535, which 
+    is the maximum. In some cases you may find you get better performance 
+    with a smaller value. A value below 2048 is likely to cause problems.
+</para>
+</description>
+
+<value type="default">65535</value>
+<value type="example">8192</value>
+</samba:parameter>
diff --git a/docs/smbdotconf/protocol/minprotocol.xml b/docs/smbdotconf/protocol/minprotocol.xml
new file mode 100644
index 0000000000..53ac3d22db
--- /dev/null
+++ b/docs/smbdotconf/protocol/minprotocol.xml
@@ -0,0 +1,23 @@
+<samba:parameter name="min protocol"
+                 context="G"
+				 type="string"
+                 developer="1"
+                 xmlns:samba="http://samba.org/common">
+<description>
+    <para>The value of the parameter (a string) is the 
+    lowest SMB protocol dialect than Samba will support.  Please refer
+    to the <link linkend="MAXPROTOCOL"><parameter moreinfo="none">max protocol</parameter></link>
+    parameter for a list of valid protocol names and a brief description
+    of each.  You may also wish to refer to the C source code in
+    <filename moreinfo="none">source/smbd/negprot.c</filename> for a listing of known protocol
+    dialects supported by clients.</para>
+		
+    <para>If you are viewing this parameter as a security measure, you should
+    also refer to the <link linkend="LANMANAUTH"><parameter moreinfo="none">lanman 
+    auth</parameter></link> parameter.  Otherwise, you should never need 
+    to change this parameter.</para>
+</description>
+
+<value type="default">CORE</value>
+<value type="example">NT1</value>
+</samba:parameter>
diff --git a/docs/smbdotconf/protocol/minwinsttl.xml b/docs/smbdotconf/protocol/minwinsttl.xml
new file mode 100644
index 0000000000..56afab25eb
--- /dev/null
+++ b/docs/smbdotconf/protocol/minwinsttl.xml
@@ -0,0 +1,17 @@
+<samba:parameter name="min wins ttl"
+                 context="G"
+				 type="integer"
+                 advanced="1" developer="1"
+                 xmlns:samba="http://samba.org/common">
+<description>
+    <para>This option tells <citerefentry><refentrytitle>nmbd</refentrytitle>
+    <manvolnum>8</manvolnum></citerefentry>
+    when acting as a WINS server (<link linkend="WINSSUPPORT"><parameter moreinfo="none">
+    wins support = yes</parameter></link>) what the minimum 'time to live' 
+    of NetBIOS names that <command moreinfo="none">nmbd</command> will grant will be (in 
+    seconds). You should never need to change this parameter.  The default 
+    is 6 hours (21600 seconds).</para>
+</description>
+
+<value type="default">21600</value>
+</samba:parameter>
diff --git a/docs/smbdotconf/protocol/nameresolveorder.xml b/docs/smbdotconf/protocol/nameresolveorder.xml
new file mode 100644
index 0000000000..00ff0e658d
--- /dev/null
+++ b/docs/smbdotconf/protocol/nameresolveorder.xml
@@ -0,0 +1,70 @@
+<samba:parameter name="name resolve order"
+                 context="G"
+				 type="list"
+                 advanced="1" wizard="1" developer="1"
+                 xmlns:samba="http://samba.org/common"> 
+<description>
+    <para>This option is used by the programs in the Samba 
+    suite to determine what naming services to use and in what order 
+    to resolve host names to IP addresses. Its main purpose to is to
+    control how netbios name resolution is performed.  The option takes a space 
+    separated string of name resolution options.</para>
+
+    <para>The options are: &quot;lmhosts&quot;, &quot;host&quot;,
+    &quot;wins&quot; and &quot;bcast&quot;. They cause names to be
+    resolved as follows:</para>
+
+    <itemizedlist>
+	<listitem>
+	    <para><constant>lmhosts</constant> : Lookup an IP 
+	    address in the Samba lmhosts file. If the line in lmhosts has 
+	    no name type attached to the NetBIOS name (see the <ulink 
+            noescape="1" url="lmhosts.5.html">lmhosts(5)</ulink> for details) then
+	    any name type matches for lookup.</para>
+	</listitem>
+
+	<listitem>
+	    <para><constant>host</constant> : Do a standard host 
+	    name to IP address resolution, using the system <filename moreinfo="none">/etc/hosts
+	    </filename>, NIS, or DNS lookups. This method of name resolution 
+	    is operating system depended for instance on IRIX or Solaris this 
+	    may be controlled by the <filename moreinfo="none">/etc/nsswitch.conf</filename> 
+	    file.  Note that this method is used only if the NetBIOS name 
+	    type being queried is the 0x20 (server) name type or 0x1c (domain controllers). 
+            The latter case is only useful for active directory domains and results in a DNS
+            query for the SRV RR entry matching _ldap._tcp.domain.</para>
+	</listitem>
+
+	<listitem>
+	    <para><constant>wins</constant> : Query a name with 
+	    the IP address listed in the <link linkend="WINSSERVER"><parameter moreinfo="none">
+	    wins server</parameter></link> parameter.  If no WINS server has
+	    been specified this method will be ignored.</para>
+	</listitem>
+
+	<listitem>
+	    <para><constant>bcast</constant> : Do a broadcast on 
+	    each of the known local interfaces listed in the <link linkend="INTERFACES"><parameter moreinfo="none">interfaces</parameter></link> 
+	    parameter. This is the least reliable of the name resolution 
+	    methods as it depends on the target host being on a locally 
+	    connected subnet.</para>
+	</listitem>
+</itemizedlist>
+
+    <para>The example below will cause the local lmhosts file to be examined 
+    first, followed by a broadcast attempt, followed by a normal 
+    system hostname lookup.</para>
+
+    <para>When Samba is functioning in ADS security mode (<command moreinfo="none">security = ads</command>)
+    it is advised to use following settings for <parameter moreinfo="none">name resolve order</parameter>:</para>
+
+    <para><command moreinfo="none">name resolve order = wins bcast</command></para>
+
+    <para>DC lookups will still be done via DNS, but fallbacks to netbios names will
+		not inundate your DNS servers with needless querys for DOMAIN&lt;0x1c&gt; lookups.</para>
+ 
+</description>
+
+<value type="default">lmhosts host wins bcast</value>
+<value type="example">lmhosts bcast host</value>
+</samba:parameter>
diff --git a/docs/smbdotconf/protocol/ntaclsupport.xml b/docs/smbdotconf/protocol/ntaclsupport.xml
new file mode 100644
index 0000000000..be1d0eef9c
--- /dev/null
+++ b/docs/smbdotconf/protocol/ntaclsupport.xml
@@ -0,0 +1,15 @@
+<samba:parameter name="nt acl support"
+                 context="S"
+                 advanced="1" wizard="1"
+				 type="boolean"
+                 xmlns:samba="http://samba.org/common">
+<description>
+    <para>This boolean parameter controls whether <citerefentry><refentrytitle>smbd</refentrytitle>                                       
+    <manvolnum>8</manvolnum></citerefentry> will attempt to map 
+    UNIX permissions into Windows NT access control lists.
+    This parameter was formally a global parameter in releases
+    prior to 2.2.2.</para>
+</description>
+
+<value type="default">yes</value>
+</samba:parameter>
diff --git a/docs/smbdotconf/protocol/ntpipesupport.xml b/docs/smbdotconf/protocol/ntpipesupport.xml
new file mode 100644
index 0000000000..2ea3b175f5
--- /dev/null
+++ b/docs/smbdotconf/protocol/ntpipesupport.xml
@@ -0,0 +1,16 @@
+<samba:parameter name="nt pipe support"
+                 context="G"
+                 advanced="1" developer="1"
+				 type="boolean"
+                 xmlns:samba="http://samba.org/common">
+<description>
+    <para>This boolean parameter controls whether 
+    <citerefentry><refentrytitle>smbd</refentrytitle>
+    <manvolnum>8</manvolnum></citerefentry> will allow Windows NT 
+    clients to connect to the NT SMB specific <constant>IPC$</constant> 
+    pipes. This is a developer debugging option and can be left
+	alone.</para>
+</description>
+
+<value type="default">yes</value>
+</samba:parameter>
diff --git a/docs/smbdotconf/protocol/ntstatussupport.xml b/docs/smbdotconf/protocol/ntstatussupport.xml
new file mode 100644
index 0000000000..931b3f135d
--- /dev/null
+++ b/docs/smbdotconf/protocol/ntstatussupport.xml
@@ -0,0 +1,18 @@
+<samba:parameter name="nt status support"
+                 context="G"
+				 type="boolean"
+                 advanced="1" developer="1"
+                 xmlns:samba="http://samba.org/common">
+<description>
+    <para>This boolean parameter controls whether <citerefentry><refentrytitle>smbd</refentrytitle>                                       
+    <manvolnum>8</manvolnum></citerefentry> will negotiate NT specific status
+    support with Windows NT/2k/XP clients. This is a developer debugging option and should be left alone.
+    If this option is set to <constant>no</constant> then Samba offers
+    exactly the same DOS error codes that versions prior to Samba 2.2.3
+    reported.</para>
+
+    <para>You should not need to ever disable this parameter.</para>
+</description>
+
+<value type="default">yes</value>
+</samba:parameter>
diff --git a/docs/smbdotconf/protocol/profileacls.xml b/docs/smbdotconf/protocol/profileacls.xml
new file mode 100644
index 0000000000..a5bb5c46da
--- /dev/null
+++ b/docs/smbdotconf/protocol/profileacls.xml
@@ -0,0 +1,38 @@
+<samba:parameter name="profile acls"
+                 context="S"
+				 type="boolean"
+                 advanced="1" wizard="1"
+                 xmlns:samba="http://samba.org/common">
+<description>
+	<para>
+	This boolean parameter was added to fix the problems that people have been
+	having with storing user profiles on Samba shares from Windows 2000 or
+	Windows XP clients. New versions of Windows 2000 or Windows XP service
+	packs do security ACL checking on the owner and ability to write of the
+	profile directory stored on a local workstation when copied from a Samba
+	share.
+</para>
+
+<para>When not in domain mode with winbindd then the security info copied
+	onto the local workstation has no meaning to the logged in user (SID) on
+	that workstation so the profile storing fails. Adding this parameter
+	onto a share used for profile storage changes two things about the
+	returned Windows ACL. Firstly it changes the owner and group owner
+	of all reported files and directories to be BUILTIN\\Administrators,
+	BUILTIN\\Users respectively (SIDs S-1-5-32-544, S-1-5-32-545). Secondly
+	it adds an ACE entry of "Full Control" to the SID BUILTIN\\Users to
+	every returned ACL. This will allow any Windows 2000 or XP workstation
+	user to access the profile.</para>
+	
+	<para>Note that if you have multiple users logging
+	on to a workstation then in order to prevent them from being able to access
+	each others profiles you must remove the "Bypass traverse checking" advanced
+	user right. This will prevent access to other users profile directories as
+	the top level profile directory (named after the user) is created by the
+	workstation profile code and has an ACL restricting entry to the directory
+	tree to the owning user.
+</para>
+</description>
+
+<value type="default">no</value>
+</samba:parameter>
diff --git a/docs/smbdotconf/protocol/readbmpx.xml b/docs/smbdotconf/protocol/readbmpx.xml
new file mode 100644
index 0000000000..f27eeb160c
--- /dev/null
+++ b/docs/smbdotconf/protocol/readbmpx.xml
@@ -0,0 +1,16 @@
+<samba:parameter name="read bmpx"
+                 context="G"
+				 type="boolean"
+                 developer="1"
+                 xmlns:samba="http://samba.org/common">
+<description>
+    <para>This boolean parameter controls whether
+    <citerefentry><refentrytitle>smbd</refentrytitle>                                       
+    <manvolnum>8</manvolnum></citerefentry> will support the &quot;Read
+    Block Multiplex&quot; SMB. This is now rarely used and defaults to 
+    <constant>no</constant>. You should never need to set this 
+	parameter.</para>
+</description>
+
+<value type="default">no</value>
+</samba:parameter>
diff --git a/docs/smbdotconf/protocol/readraw.xml b/docs/smbdotconf/protocol/readraw.xml
new file mode 100644
index 0000000000..bf53a1c0ac
--- /dev/null
+++ b/docs/smbdotconf/protocol/readraw.xml
@@ -0,0 +1,26 @@
+<samba:parameter name="read raw"
+                 context="G"
+				 type="boolean"
+                 developer="1"
+                 xmlns:samba="http://samba.org/common">
+<description>
+    <para>This parameter controls whether or not the server 
+    will support the raw read SMB requests when transferring data 
+    to clients.</para>
+
+    <para>If enabled, raw reads allow reads of 65535 bytes in 
+    one packet. This typically provides a major performance benefit.
+    </para>
+
+    <para>However, some clients either negotiate the allowable 
+    block size incorrectly or are incapable of supporting larger block 
+	sizes, and for these clients you may need to disable raw reads.</para>
+
+<para>In general this parameter should be viewed as a system tuning 
+	tool and left severely alone.</para>
+</description>
+
+<value type="default">yes</value>
+
+<related>write raw</related>
+</samba:parameter>
diff --git a/docs/smbdotconf/protocol/smbports.xml b/docs/smbdotconf/protocol/smbports.xml
new file mode 100644
index 0000000000..35f2b7849e
--- /dev/null
+++ b/docs/smbdotconf/protocol/smbports.xml
@@ -0,0 +1,11 @@
+<samba:parameter name="smb ports"
+                 context="G"
+				 type="list"
+                 advanced="1" developer="1"
+                 xmlns:samba="http://samba.org/common">
+<description>
+	<para>Specifies which ports the server should listen on for SMB traffic.</para>
+</description>
+
+<value type="default">445 139</value>
+</samba:parameter>
diff --git a/docs/smbdotconf/protocol/timeserver.xml b/docs/smbdotconf/protocol/timeserver.xml
new file mode 100644
index 0000000000..8a6923541f
--- /dev/null
+++ b/docs/smbdotconf/protocol/timeserver.xml
@@ -0,0 +1,13 @@
+<samba:parameter name="time server"
+                 context="G"
+				 type="boolean"
+                 advanced="1" developer="1"
+                 xmlns:samba="http://samba.org/common">
+<description>
+    <para>This parameter determines if <citerefentry><refentrytitle>nmbd</refentrytitle>
+    <manvolnum>8</manvolnum></citerefentry> advertises itself as a time server to Windows 
+clients.</para>
+</description>
+
+<value type="default">no</value>
+</samba:parameter>
diff --git a/docs/smbdotconf/protocol/unicode.xml b/docs/smbdotconf/protocol/unicode.xml
new file mode 100644
index 0000000000..c553d8e6ff
--- /dev/null
+++ b/docs/smbdotconf/protocol/unicode.xml
@@ -0,0 +1,20 @@
+<samba:parameter name="unicode"
+                 context="G"
+				 type="boolean"
+                 developer="1"
+                 xmlns:samba="http://samba.org/common">
+<description>
+    <para>Specifies whether Samba should try 
+    to use Unicode on the wire by default. Note: This does NOT
+    mean that samba will assume that the UNIX machine uses Unicode!
+</para>
+
+<warning><para>DO NOT change this parameter</para><para>If Unicode is
+disabled, certain clients (Win2k, WinXP) are known to crash during
+domain logons, and many other aspects of the protocol have major known
+issues.  Microsoft does not produce a server that does not support
+Unicode, so probably never tests this combination.</para></warning>
+</description>
+
+<value type="default">yes</value>
+</samba:parameter>
diff --git a/docs/smbdotconf/protocol/unixextensions.xml b/docs/smbdotconf/protocol/unixextensions.xml
new file mode 100644
index 0000000000..ab2427ca26
--- /dev/null
+++ b/docs/smbdotconf/protocol/unixextensions.xml
@@ -0,0 +1,16 @@
+<samba:parameter name="unix extensions"
+                 context="G"
+				 type="boolean"
+                 advanced="1" developer="1"
+                 xmlns:samba="http://samba.org/common">
+ <description>
+    <para>This boolean parameter controls whether Samba 
+    implments the CIFS UNIX extensions, as defined by HP. 
+    These extensions enable Samba to better serve UNIX CIFS clients
+    by supporting features such as symbolic links, hard links, etc...
+    These extensions require a similarly enabled client, and are of
+    no current use to Windows clients.</para>
+</description>
+
+<value type="default">yes</value>
+</samba:parameter>
diff --git a/docs/smbdotconf/protocol/usespnego.xml b/docs/smbdotconf/protocol/usespnego.xml
new file mode 100644
index 0000000000..1db46985b2
--- /dev/null
+++ b/docs/smbdotconf/protocol/usespnego.xml
@@ -0,0 +1,19 @@
+<samba:parameter name="use spnego"
+                 context="G"
+				 type="boolean"
+                 developer="1"
+                 xmlns:samba="http://samba.org/common">
+<description>
+    <para>This variable controls controls whether samba will try 
+    to use Simple and Protected NEGOciation (as specified by rfc2478) with 
+    WindowsXP and Windows2000 clients to agree upon an authentication mechanism. 
+</para>
+
+<para>
+    Unless further issues are discovered with our SPNEGO
+    implementation, there is no reason this should ever be
+	disabled.</para>
+</description>
+
+<value type="default">yes</value>
+</samba:parameter>
diff --git a/docs/smbdotconf/protocol/writeraw.xml b/docs/smbdotconf/protocol/writeraw.xml
new file mode 100644
index 0000000000..72a50840a4
--- /dev/null
+++ b/docs/smbdotconf/protocol/writeraw.xml
@@ -0,0 +1,13 @@
+<samba:parameter name="write raw"
+                 context="G"
+				 type="boolean"
+                 developer="1"
+                 xmlns:samba="http://samba.org/common">
+<description>
+    <para>This parameter controls whether or not the server 
+    will support raw write SMB's when transferring data from clients. 
+    You should never need to change this parameter.</para>
+</description>
+
+<value type="default">yes</value>
+</samba:parameter>